1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
module "fdio-logs" {
# fdio logs iam
source = "../terraform-vault-aws-secret-backend"
name = "dynamic-aws-creds-vault-fdio-logs"
aws_access_key = var.aws_access_key
aws_secret_key = var.aws_secret_key
policy_document = jsonencode({
Statement = [
{
Action = [
"iam:*",
"ec2:*",
"s3:*",
"elasticbeanstalk:*",
"ssm:*",
"cloudformation:*",
"logs:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*"
]
Effect = "Allow"
Resource = "*"
},
]
Version = "2012-10-17"
})
}
module "csit-cdash" {
# csit cdash iam
source = "../terraform-vault-aws-secret-backend"
name = "dynamic-aws-creds-vault-cdash"
aws_access_key = var.aws_access_key
aws_secret_key = var.aws_secret_key
policy_document = jsonencode({
Statement = [
{
Action = [
"iam:*",
"ec2:*",
"s3:*",
"elasticbeanstalk:*",
"ssm:*",
"cloudformation:*",
"logs:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*"
]
Effect = "Allow"
Resource = "*"
},
]
Version = "2012-10-17"
})
}
module "fdio-csit-jenkins" {
# fdio csit jenkins iam
source = "../terraform-vault-aws-secret-backend"
name = "dynamic-aws-creds-vault-fdio-csit-jenkins"
aws_access_key = var.aws_access_key
aws_secret_key = var.aws_secret_key
policy_document = jsonencode({
Statement = [
{
Action = [
"iam:*",
"ec2:*",
"s3:*",
"elasticbeanstalk:*",
"ssm:*",
"cloudformation:*",
"logs:*",
"elasticloadbalancing:*",
"autoscaling:*",
"cloudwatch:*"
]
Effect = "Allow"
Resource = "*"
},
]
Version = "2012-10-17"
})
}
|
